it-sa 2019 – Lean Application Security
At the it-sa 2019 we will present our innovative consulting concept:
Lean Application Security is a lean process model for integrating security into the software development process. It aims for the development of secure applications and systems from the ground up without disrupting the project flow and complicating the project result.
Lean Application Security integrates seamlessly into modern agile development models and DevOps processes.
Application security is anchored in a way that embraces and supports the entire development process.
#1 – New Can I Trust Test Case – Browser returns secret out of pre-cached response in a CORS-Request
Update: Our WordPress Author Security Plugin is now available in the WordPress Plugin Store.
How can you actively prevent usernames from being enumerated on WordPress author pages?
In our Big Application Security Penetration Test FAQ for clients we answer everything you should know before, during and after the commissioning of an Application Security Penetration Test.
In focus today: Questions #18 and #19 – How are vulnerabilities found evaluated? And what is the CVSS?
CSRF Countermeasures #2: Another way to protect against CSRF – stateless – is the Double Submit Cookie method.